Tuesday, August 31, 2004

Return from A Fomosa

Today is a public holiday and I am taking a rest at home after returning from Melaka yesterday.

Taking opportunity of the Independence Day public holiday, my friends and I organize a trip to Melaka's A Fomosa Resort. It has been a great time for all of us to be able to make up the time to get together and go on a trip. It has been almost 2 years since we had our last group trip. Nice to see things is coming back.

A little bit of dissapointment on the Water Park. It does not has a lot of playground and rides to play with. My experience there has not been very thrilling. Sunway Lagoon would probably be better.

Nevertheless, it is good trip to be able to get most of us together and have a different activity than just the normal weekend mamaking.

This is also the first time I took my Honda City for out station drive. I am so amazed at how fuel economy it is when driving on highway. It only took slightly more than half a tank of petrol to travel 400km. The performance of the car also cannot be understate. By just lightly pressing on the accelerator and let it cruise on the highway, it can easily reach up to about 130kph without any strain on the engine.

Saturday, August 28, 2004

WinFX on Windows XP and 2003

Yesterday Microsoft announce that will make WinFX available on Windows XP and Windows Server 2003 when Longhorn client ship in 2006.

This is an extremely awesome and exiciting piece of news. This mean that WinFX application can reach a broader audience in a shorter timeframe and accelerate the adoption of WinFX.

Corporates can maintain their existing investment in the current platforms while still capable of taking advantage of the benefits offered by the applications built using the new technology. It will also give them a larger buffer and flexibility in planning to migrate to the new platform.

Follow this links to read more.


Tuesday, August 24, 2004

Why You Would Use App Domain?

There are 3 reasons:

1) To dynamically load and unload assembly. You can load an assembly, but you can't unload it because the CLR cannot keep track of all dependency of assembly. One workaround is to load these assemblies into a different app domain and unload the app domain once you are done.

2) For security reason. You can apply CAS to app domain to secure it from doing dangerous thing.

3) Different configuration setting. You can have different setting for each app domain that make it behave differently.


Monday, August 23, 2004

Building a relationship

Last weekend while sitting over a mamaking session with my friends, we talk about and share experience on what constitute a strong relationship.

Basically it all come down to these few points :

How much understanding do you have with your partner?
Do you manage to identify the weakness of your partner and tolerate it?
Are you willing to complement and compromise?

It is hardly you can find someone who is a 100% match. More often than not, you have to learn how to tolerate, complement and compromise.

You need to be frank, speak your own true heart and discuss problem(s) that you face in the relationship with your partner and get it over before it is too late.

Friday, August 20, 2004

How secure password could be?

Why you shouldn't be using passwords of any kind on your Windows networks.


Wednesday, August 11, 2004

Getting Desktop DC

Finally finish my screen capture program yesterday night. Now have to go back to the code to clean up some rubbish and refactor certain code base.

Thanks to one on my friend who pointed out to me that in order to get the desktop DC that you can draw on it, you have to use


or in managed code use


instead of the normal



Preventing SQL Injection

I was reading the Database Input chapter on Writing Secure Code 2nd edition.

SQL injection is no longer a new thing. It has been mentioned many many times.

Some well known prevention technique includes :
DO NOT dynamically constuct SQL statement in your code.
Use Named Parameter on SQL.
Use QUOTE function to nullify invalid character in object names.
Use Stored Procedure.

Using stored procedure is an interesting topic to talk about. While it solve some problems, it does not solve all. If you are using an unsafe SQL in your stored procedure, you are defeating everything else.

Creating dynamic SQL in code is also very common scenerio. I do this very often in situation where the actual SQL is depends on user input. For example, in the search feature of my app, user can choose to filter/search by different fields. The actual SQL that is constructed will then depend on the user fields that he choose.

If you have to construct dynamic SQL, always use Named Parameter in the SQL. And if you are constructing the SQL in stored procedure, use the sp_executesql system stored procedure.

Labels: ,

Wednesday, August 04, 2004

Friend's Car got stolen.

One of my friend's Wira was stolen last when she park it outside her house at night.

Now she got to go through all the hassles of settling the police report and insurance claim.

For those of you who park your car outside at night, please be more careful about it.

Tuesday, August 03, 2004

Draw with Inverse Color

After some research and testing, finally has figure out how to draw a rectangle using a color that is the inverse of its drawing surface. The code make use of PInvoke to GDI32 functions.

Here is the sample code :

public sealed class GDI32
public const int R2_NOT = 6;

public const int NULL_BRUSH = 5;
public const int HOLLOW_BRUSH = NULL_BRUSH;

[DllImport("gdi32.dll", EntryPoint="SetROP2")]
public static extern int SetROP2(IntPtr hDc, int fnDrawMode);

[DllImport("gdi32.dll", EntryPoint="SelectObject")]
public static extern IntPtr SelectObject(IntPtr hdc,IntPtr bmp);

[DllImport("gdi32.dll", EntryPoint="Rectangle")]
public static extern bool Rectangle(IntPtr hdc,int x, int y, int x2, int y2);

[DllImport("gdi32.dll", EntryPoint="GetStockObject")]
public static extern IntPtr GetStockObject(int fnObject);

public sealed class USER32
public static extern IntPtr GetDC(IntPtr ptr);


IntPtr p = USER32.GetDC(this.Handle); // System.Windows.Forms.Form.Handle
GDI32.SetROP2(p, GDI32.R2_NOT);
GDI32.SelectObject(p, GDI32.GetStockObject(GDI32.HOLLOW_BRUSH));
GDI32.Rectangle(p, sx, sy, cx, cy);

However, calling the code intensively will cause a performance hit. I use the code in the Winform's MouseMove event to draw the rectangle, and the performance degrades is evident. I have do some work to minimize the PInvoke call but it is still a slow code.

Labels: ,